Faxploit: Fax Machine Issues in 2018?

Recent research by Checkpoint has revealed some shocking issues with HP fax machines. This is another example why we have to pay special attention to what goes on our networks.

Who would think that in 2018 we would be reviewing security challenges with fax machines? Well, the clever people at Check Point Research recently released an article and strong warning to get your HP fax machines and printers updated with the latest firmware. It turns out there are over 300 million fax numbers still in use throughout the world, and a great number of these are connected to both a standard “PSTN” phone line, plus an internal, private ethernet network. The research has proven that it’s possible to send a properly crafted fax to a publicly available fax machine, take over that device and then gain access your corporate network. Once on the internal network other systems are quickly comprised, stealing data or causing damage. The good news is that we have respectable people finding security vulnerabilities and then responsibly disclosing those to accountable companies like HP that react quickly and provide fixes. This is another good reminder that we need to be vigilant about staying up-to-date on firmware and also be thinking about what devices are allowed on our networks.